{"id":22751,"date":"2020-04-16T17:21:19","date_gmt":"2020-04-16T17:21:19","guid":{"rendered":"https:\/\/sectona.com\/?p=22751"},"modified":"2022-12-06T10:12:57","modified_gmt":"2022-12-06T10:12:57","slug":"sessions-for-remote-users","status":"publish","type":"post","link":"https:\/\/sectona.com\/technology\/sessions-for-remote-users\/","title":{"rendered":"Remote Users and Security: Running Isolated Privileged Sessions"},"content":{"rendered":"\n

More than\u202f40 per cent of top executives<\/em><\/a>\u202ffrom the CNBC Technology Executive Council have confirmed that data and cyber-attacks on remote users have surged since the start of the work from home model. After the COVID-19 pandemic, a large number of organizations have started to define a new norm for Working from Home. On the other hand, other sets of companies are embracing a hybrid environment, and many of their on-premises components aren\u2019t going anywhere soon. <\/p>\n\n\n\n

CIOs and CISOs are navigating these turbulent times of keeping employees safe with by shifting to remote work while running business operations from cyber threats. As millions of the workforce work from home, including IT teams,\u202fmistakes and human errors are bound to open the door to cyber attackers<\/em><\/a>.\u202f <\/p>\n\n\n\n

As people remain a perimeter control in an organization, hackers continue to exploit vulnerabilities and focus their efforts on compromising user credentials. IT teams have now been forced to run privileged activities outside the conventional IT setup remote users. Some of these remote access processes have never been stress-tested or risk-evaluated. Protecting access to these technologies is critical, as VPNs and Virtual Desktops have become the new attack vectors and the gateway to your internal networks for cyber attackers. <\/p>\n\n\n\n

Considering the rapid surge of this pandemic, IT Teams are not entirely prepared for a massive spike in work-from-home environments. Privileged users, developers, and application teams have been accustomed to working from hardened, monitored and controlled office machines. However, the pandemic wave has forced organisations to ship desktops, allowing employees to work from home and sustain business as usual. Some organisations have allowed access from personal devices to office environments with\/without standard VPN setups. In such scenarios,\u202femployee access is susceptible<\/em>\u202fto unknown environmental attacks like threats on Wi-Fi networks. At the same time, organisations must evaluate the risk posed by increasing insider threats, data leakages and unmonitored access facing remote users. <\/p>\n\n\n\n

VPN-Based Access or Direct Access to Cloud Servers<\/strong> <\/h2>\n\n\n\n

In general scenarios, many internal IT users require a specific operating environment to access their workstations. In the case of external users, specific access is provided to RDP or SSH sessions via VPN.\u202f  <\/p>\n\n\n\n

VPNs typically provide security by encrypting the traffic, with some providers adding features for a basic device health check and source country check. In a privileged access scenario, typically, a user with a potentially unknown & possibly vulnerable machine eventually has high privilege access to your environment. This also means that regular data movements, identity checks, and audit logging control are limited.\u202f <\/p>\n\n\n\n

Learn more about the vulnerabilities of VPN-based remote access<\/a>\u202f<\/em> <\/p>\n\n\n\n

The public cloud environment is susceptible to attacks where direct server access is granted to IT teams. While this is a common scenario for test environments, poor network configuration or misconfiguration could expose your network to a major breach hotspot. <\/p>\n\n\n\n

Isolated Privileged Sessions for Remote Users<\/strong> <\/h2>\n\n\n\n

Isolating privileged sessions<\/em><\/a>\u202ffrom the outside world or your trusted remote users is an ideal scenario for planning your privileged access strategy for remote users. Provisioning\u202fBastion Hosts<\/em><\/a>\u202f<\/em>to\u202fsecure your production environment (on-premise, public or private cloud)\u202f<\/em>without boundaries is recommended to withstand attacks while allowing access to critical applications & assets. <\/p>\n\n\n\n

Often managing Bastion hosts like Windows Terminal Servers require skills for specialized hardening parameters, network re-configuration & additional licensing issues & additional user access management (if managed outside your trusted windows domain). <\/p>\n\n\n\n

Sanitize Your Attack Surface with Sectona PAM\u2019s True Session Isolation<\/strong> <\/h2>\n\n\n\n

Sectona\u202fPrivileged Access Management\u202f<\/a>is a quick-to-deploy solution with the option for software-defined proxies for RDP, SSH & Web Sessions. The solution comes with a pre-configuration setup for allowing access using Windows Terminal Services. <\/p>\n\n\n\n

It has an advanced technology that seamlessly allows RDP, SSH, and Web sessions over TLS on port 443, enabling you to traverse corporate firewalls easily. With added control of the restricted movement of data and isolating the user machine to connect to your environment significantly reduces your attack surface. <\/p>\n\n\n\n

Know more about Sectona Privileged Access Management for remote users<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

More than\u202f40 per cent of top executives\u202ffrom the CNBC Technology…<\/p>\n","protected":false},"author":15,"featured_media":53362,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_kad_post_transparent":"disable","_kad_post_title":"default","_kad_post_layout":"default","_kad_post_sidebar_id":"default","_kad_post_content_style":"default","_kad_post_vertical_padding":"default","_kad_post_feature":"default","_kad_post_feature_position":"default","_kad_post_header":false,"_kad_post_footer":false,"_vp_format_video_url":"","_vp_image_focal_point":[]},"categories":[60],"tags":[],"_links":{"self":[{"href":"https:\/\/sectona.com\/wp-json\/wp\/v2\/posts\/22751"}],"collection":[{"href":"https:\/\/sectona.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sectona.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sectona.com\/wp-json\/wp\/v2\/users\/15"}],"replies":[{"embeddable":true,"href":"https:\/\/sectona.com\/wp-json\/wp\/v2\/comments?post=22751"}],"version-history":[{"count":6,"href":"https:\/\/sectona.com\/wp-json\/wp\/v2\/posts\/22751\/revisions"}],"predecessor-version":[{"id":52857,"href":"https:\/\/sectona.com\/wp-json\/wp\/v2\/posts\/22751\/revisions\/52857"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/sectona.com\/wp-json\/wp\/v2\/media\/53362"}],"wp:attachment":[{"href":"https:\/\/sectona.com\/wp-json\/wp\/v2\/media?parent=22751"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sectona.com\/wp-json\/wp\/v2\/categories?post=22751"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sectona.com\/wp-json\/wp\/v2\/tags?post=22751"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}